---
title: Report a vulnerability
desc: How to report a Quasar security threat, vulnerability or exploit.
---

If you have found a potential security threat, vulnerability or exploit in Quasar or one of its upstream dependencies, please:

- **DON'T** create a pull-request
- **DON'T** file an issue on GitHub
- **DON'T** mention it on Discord and
- **DON'T** create a forum thread

**DO** reach out to the team by sending an email to `security [at] quasar [dot] dev` - we will investigate and work with you to triage this issue and help you to report it, if appropriate. At the current time we do not have the financial ability to reward bounties, but in extreme cases will at our discretion consider a reward.
